←back to thread

SSH3: Faster and rich secure shell using HTTP/3

(github.com)
532 points tempaccount420 | 2 comments | 27 Sep 25 14:27 UTC | HN request time: 0.406s | source
Show context
kelnos ◴[27 Sep 25 18:50 UTC] No.45398425[source]
> Establishing a new session with SSHv2 can take 5 to 7 network round-trip times, which can easily be noticed by the user. SSH3 only needs 3 round-trip times. The keystroke latency in a running session is unchanged.

Bummer. From a user perspective, I don't see the appeal. Connection setup time has never been an annoyance for me.

SSH is battle-tested. This feels risky to trust, even whenever they end up declaring it production-ready.

replies(7): >>45399046 #>>45399565 #>>45399743 #>>45399861 #>>45401100 #>>45401784 #>>45402561 #
1. lxgr ◴[28 Sep 25 07:58 UTC] No.45402561[source]
Yes, and those that have fought in these battles know its limitations. Head-of-line blocking when using multiplexing is definitely one of them. This is a very reasonable incremental improvement.

Importantly, it does not seem to switch out any security mechanisms and is both an implementation and a specification draft, which means that OpenSSH could eventually pick it up too so that people don't have to trust a different implementing party.

replies(1): >>45403212 #
2. rollcat ◴[28 Sep 25 10:17 UTC] No.45403212[source]
> [...] which means that OpenSSH could eventually pick it up too [...]

Remember OpenSSH = OpenBSD. They have an opinionated & conservative approach towards adopting certain technologies, especially if it involves a complex stack, like QUIC.

"It has to be simple to understand, otherwise someone will get confused into doing the wrong thing."